The present invention relates to secure and authenticated communication and storage, and more particularly to secure and authenticated communication and storage by use of public random permutations.
This section is intended to provide a background or context to the invention disclosed below. The description herein may include concepts that could be pursued, but are not necessarily ones that have been previously conceived, implemented or described. Therefore, unless otherwise explicitly indicated herein, what is described in this section is not prior art to the description in this application and is not admitted to be prior art by inclusion in this section. Abbreviations that may be found in the specification and/or the drawing figures are defined below, after the detailed description section.
In modern cryptography, secure communication between two parties entails a key exchange protocol followed by symmetric key encryption and/or authentication. A key exchange protocol allows the two communicating parties to establish a common secret key, i.e., a key that is secret to the rest of the world. It is usually required that this key be a uniformly random sequence of bits as far as the rest of the world is concerned. After the establishment of the key, the two parties can communicate with each other using symmetric key cryptography. The term “symmetric” is used to emphasize that both parties have the same key, and their operations are symmetric.
Symmetric key encryption is usually performed using a keyed block cipher. A block cipher operates on a fixed-size block of input, e.g., 128 bits. For example, Advanced Encryption Standard (AES) is such a block cipher. However, if one wants to communicate a large amount of data, i.e., much larger than 128 bits, then one must use one of the well-known algorithms (also called modes) that can employ the fixed block-size block cipher. Examples of such algorithms or modes of operation are Cipher-Block-Chain (CBC), Counter-Mode, Integrity-Aware-Parallelizable Mode (IAPM), Offset-Code-Book (OCB), and the like. The latter two modes also provide authentication of the message being communicated (i.e., a proof that the message was not maliciously modified during communication or even sent by someone not in possession of the common secret key). A mode which provides both authentication and secrecy is called an authenticated encryption mode.
Although there are many encryption schemes that use keys for permutations, it would be beneficial to have schemes that use permutations that are keyless, where such schemes allow an authenticated encryption mode as an option.